isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,094 Commits 1 Branch 0 Tags
ec751c63eb3f0a91e8d2e748a1b84ee2ee12641f
Commit Graph

16 Commits

Author SHA1 Message Date
Todd C. Miller
4aefd43948 For intercepted commands, log an offset into the current I/O log. 
This can be used with sudoreplay to jump to when a specific command
was executed within a session log.
 2021-08-13 16:00:00 -06:00
Todd C. Miller
c234bab7b2 Remove unused info_cb and info arguments from eventlog_exit() 2021-07-15 11:07:25 -06:00
Todd C. Miller
fa7250ead7 Create a UUID and log it in the JSON version of the event log. 2021-07-15 11:07:25 -06:00
Todd C. Miller
b54a16e174 Add support for logging exit status events. 
For sudo-formatted logs, this is a record with "EXIT=number" and
potentially "SIGNAL=name" after the command.  For JSON-format logs,
a new "exit" record is logged which contains an "exit_value" and
potentially "signal" and "core_dumped".  JSON-format logs now incude
a UUID to associate the "exit" record with the "accept" record.
 2021-07-09 11:08:44 -06:00
Todd C. Miller
d452678787 Log peer address in sudo_logsrvd JSON-format logs. 
The peer that connected to us might not be the same host where the
log entry originated.
 2021-03-02 18:37:35 -07:00
Todd C. Miller
4128582723 Move eventlog config code into eventlog_conf.c 2021-02-24 14:25:39 -07:00
Todd C. Miller
a9cad13b11 Use struct eventlog *evlog, not struct eventlog *details. 2020-11-09 16:52:21 -07:00
Todd C. Miller
fdae4bdbbb Add support for file log line wrapping in libeventlog. 2020-10-26 16:16:46 -06:00
Todd C. Miller
d899fe5936 Use real setters for the eventlog config. 
This makes it possible to have a base config that the callers can
modify instead of replacing the config wholesale.
 2020-10-26 16:10:42 -06:00
Todd C. Miller
4416bd5977 Use libeventlog in sudoers instead of doing our own logging. 2020-10-26 16:10:40 -06:00
Todd C. Miller
bd1ca79cca Add support for mailing eventlog entries and for logging raw messages. 
These will be used by the sudoers plugin.
 2020-10-26 16:10:37 -06:00
Todd C. Miller
fe6e0fb215 If no JSON callback is provided, store the contents of struct eventlog. 
This moves the JSON formatting of struct eventlog out of libsudo_iolog
and into libsudo_eventlog where it belongs.
 2020-10-26 15:43:43 -06:00
Todd C. Miller
4652698f8e struct eventlog contains submit_time, no need to pass it in directly. 2020-10-26 15:43:02 -06:00
Todd C. Miller
c0e91d7586 Add an errstr argument to eventlog_alert(). 2020-10-26 15:41:47 -06:00
Todd C. Miller
db72498257 Use struct eventlog in place of struct iolog_info. 2020-10-26 15:31:41 -06:00
Todd C. Miller
707437f6cb Refactor eventlog code into a library 2020-10-26 15:24:35 -06:00